Eduard GrasaFundació i2CAT
MANTICORE II: IP Network as a Service pilots at HEAnet, NORDUnet and RedIRIS
Motivation: Separate infrastructure ownership and maintenance from usage• Today’s example: cloud computing
2
I need more computing power to run my business
Option A: Buy hardware
Option B: Get some VMs from a
cloud provider
What if I want to provide network services?
3
Network Service Provider
Option A: Buy hardware
Option B: Get some sort of VPN
(It’s ok, but I loose features compared to Option A)
Option C: Any equivalent of “just get
some VMs from a cloud provider”?
A possible option C (I)
4
Network Service Provider
Marketplace
I want a network with POPs @ sites A, B, C:• POP A requirements: …• POP B requirements: …• POP C requirements: …Interconnection between POPs at X Gbps, maximum delay of Y ms.
Ok, I’ll see what I can find!
A possible option C (II)
5
Marketplace
Let’s search the infrastructure providers offerings
Infrastructure Provider
Infrastructure Provider
Infrastructure Providers have previously published their offerings
at the market, with the usage conditions (Price, SLA)
A possible option C (III)
6
Network Service Provider
Marketplace
Ok, here’s your network, it will cost you X € per day, let’s go to Paypal to finish the transaction. You’ll receive an email with the details about your network, with the contact information of your providers and a link to a management application.
Cool! I’ll configure the network addressing, internal routing, firewalls and external routing policies, and will be ready for my customers!
A possible option C (IV)
7
Network Service Provider
Nice! My customers can request the setup of their own services and administer them without annoying me… Thanks automation!Customer A
Brilliant! I can setup a new VPN through a web page, I don’t even have to send an email to the network admin!
Customer B
Cool, We can configure our own routing policies in our virtual CPE… Without buying any hardware!
So it’s all about IaaS and automation
• Is this scenario possible? practical? • What sort of tools would be required to help this scenario
become a reality?• What use cases would this technology make possible?• What relationships would the different actors have?• Is this feasible in a research environment? And in a
commercial environment?
8
Network Service Provider
Marketplace
Infrastructure Provider
Infrastructure Provider
Customer
Overview• MANTICORE research timeline
• Current work: MANTICORE II
• (Near) Future work: MANTYCHORE FP7
9
MANTICORE Projects Timeline
10
2007 2008 2009 2010 2011 2012 2013 2014
MANTICORE I MANTICORE II MANTYCHORE ?
Proof of concept of the management tools – IP Networks with routers only
Demo at TNC 2008
Definition of the scenario for a NREN use case
Robust, modular implementation of the management toolsPilot tests at 3 NRENs: HEAnet, NORDUnet and RedIRIS Initial marketplace design and simulationFirst commercial study
Tools enhancement to increase scope to layer 2 and layer 1 (complete IP Network)Pre-operational services with real users. Initially 3 user communities: e-health, Grid, Media.In depth commercial feasibility study by an operatorMarketplace implementationResearch on zero-carbon infrastructures, collaborate with GSN
Self funded: 120 k€ + equipment loans
Self funded: 200 k€ + equipment donation
In negotiations with EC (FP7): 1.4 M€
Overview• MANTICORE research timeline
• Current work: MANTICORE II
• (Near) Future work: MANTYCHORE FP7
11
Manage parallel networks sharing the same substrate
Physical Router
Router Instance (may be a physical router)
Physical Link
User Site
Each user’s IP network is represented by a different color
Each router instance can be temporarily owned by a different user (router instances
offered as IaaS)
IP Networks can be made of router instances from different providers
12
Other user’s IP Network or the
Internet
Logical Link (may be a full physical link)
• Infrastructure Provider: The infrastructure owner. Assigns permissions to the infrastructure resources so that external users can control them. In MANTICORE II, infrastructure providers are NRENs (HEAnet, NORDUnet, RedIRIS) providing control over physical or virtual routers.
• Service Provider: Gains access to several infrastructure instances and aggregates them under his management domain, providing an IP Network Service to their users.– E.g. Can be the NREN– E.g. Can be someone that wants to provide an IP Network Service for a specific task (e.g. to
carry out a research project, to support a distributed research community).
• End user: Uses the IP Network Service. Has access to modify the characteristics of the service: addressing, internal routing, external routing,
• Marketplace: Acts as a broker between the different actors. They can also interact directly, but marketplaces facilitate multiple parties interaction.
13
Actors in Manticore II
How does the tool look like?Inventory view
14
How does the tool look like?Creating a router instance
15
How does the tool look like?Managing permissions
16
How does the tool look like?IP Network View / IP Network Permissions
17
How does the tool look like?Configuring BGP
18
19
Pilot plans: HEAnet• Goal: Use MANTICORE software to provide a virtualized CPE to a
pseudo-customer site. Timeframe: June 14th – July 26th
• Physical CPEs land the BGP session from the NREN and provide a service demarcation point. Configuration of the CPE is mainly owned by the customer.
• The CPE will be provided through logical routers, and MANTICORE will allow authenticated customers to modify its configuration
HEAnet Core
Ethernet p2p link
Ethernet p2p link
Access router(MANTICORE)
End Station (Pseudo customer site)
HEAnet test lab
20
Pilot plans: HEAnet (II)
• First scenario: Single virtual CPE. The CPE will have 2 uplinks to the core, will advertise the customer address space and will accept a default route on each interface.
• Steps that will be accomplished in this scenario:– HEAnet admin will use MANTICORE with administrative privileges to provision the virtual CPE on the
access router– HEAnet admin will delegate control of the virtual CPE to the pseudo customer user– The pseudo customer user will configure the logical router to meet the functionality of a single CPE as
specified above, including BGP session to the core, and addressing for the end station
– Demonstrate connectivity between the end station and the Internet
End Station (Pseudo customer site)To HEAnet core
To HEAnet core
Virtual CPE
21
Pilot plans: HEAnet (III)
• Second scenario: Two virtual CPEs. Each CPE will have an uplink to the core, advertise the address space and accept a default route each one. They will peer with iBGP, and provide each one a link to the end station, and use VRRP to provide resilient access.
• Steps that will be accomplished in this scenario:– HEAnet admin will use MANTICORE with administrative privileges to provision the virtual CPEs on the access
router– HEAnet admin will delegate control of the virtual CPE to the pseudo customer user– The pseudo customer user will configure the logical router to meet the functionality of the CPEs as specified
– Demonstrate connectivity between the end station and the Internet, even in the case of the failure of one of the two virtual CPEs
End Station (Pseudo customer site)
To HEAnet core
Virtual CPE
To HEAnet core
Virtual CPE
22
Pilot plans: NORDUnet• Goal: MANTICORE as a NOC tool for provisioning virtual network
elements and provide virtual network resources for for customers. Timeframe: July 1st – August 15th
• Phased approach:
– Phase 1: The tools will primarily be used in our lab setup for managing our courses and other activities that need easy deployment of virtual test networks (MANTICORE II scope)
– Phase 2: Trials for advanced users and projects will be run lab resources and the pan-Nordic dynamic end-2-end services testbed.
– Later phases we will involve Nordic NREN networks.
23
Pilot plans: NORDUnet (II)• Initial setup and introduction
– Install the software– Enable provisioning on lab equipment– Investigate authentication options
• Document and simulate service deployment within NORDUnet NOC– Document the setup– Create procedures for the NOC– Trial allocation of network elements, provisioning of virtual networks, and virtual network
administration
• Provision virtual network to a test customer– Simulate a customer order– Run through the deployment process created in the last step
– Simulate customer traffic on the virtual network.– Evaluate and write pilot report
• Goal: Use MANTICORE to enable PASITO partners to control the routing hardware in the testbed. Timeframe: June 14th – July 16th
• PASITO (Plataforma de Ánalisis de Servicios de Telecomunicaciones) is a spanish platform dedicated to the testing and validation of new Internet services and protocols.
• RedIRIS is going to integrate MANTICORE in the RedIRIS POP of the PASITO network, providing virtualised equipment to all the partners involved in such network.
24
Pilot plans: RedIRIS
• The pilot test will showcase:– PASITO Administrator (RedIRIS) creates a logical router– PASITO Administrator (manually still) configures L2
connectivity to the logical router– PASITO Administrator gives permissions to the PASITO partner
(i2CAT) to control the router– PASITO partner uses the PASITO router to extend its test
network, therefore it configures the PASITO router to talk to the router at i2CAT’s premises
25
Pilot plans: RedIRIS (II)
Overview• MANTICORE research timeline
• Current work: MANTICORE II
• (Near) Future work: MANTYCHORE FP7
26
MANTYCHORE FP7 Overview• What? Main goal
– Provide the European research community with IP Networks as a Service over the NRENs e-Infrastructure for the benefit of their research activities, enhancing the quality of the tools available for European Research and increasing the research capabilities and participation of researchers.
• Who? 7 partners– Project Coordinator and tool developer: i2CAT Foundation – 2 NRENs: HEAnet , NORDUnet– 3 users: UNI-C , University of Essex , Trinity College Dublin– 1 commercial operator: Telefónica I+D
• How? Requested to the EC ~1.4M€ in funding to perform 7 activities– 3 NAs: NA1-Project Management; NA2-Dissemination, Exploitation,
Standardization and Liaisons; NA3-Consolidating the user community and users training.
– 2 SAs: SA1-MANTICORE software refinement; SA2-MANTICORE services for virtual research communities
– 2 JRAs: JRA1-Infrastructure resources marketplace; JRA2-Zero Carbon emission virtual infrastructures.
27
Initial users: e-Health, Media and Grid
28
IP Network as a Service
Grid Site
1
Grid Site
2
VMsVM
VM V
M
VMsVM
VM V
M
Grid Site
3
VMsVM
VM V
M
Grid Site
4
VMsVM
VM V
M
Grid Site
5
VMsVM
VM V
M
Grid Site
6
VMsVM
VM V
M
Grid-Ireland “Cloud Layer”, TCD Improving the Health Data Network,
Dedicated IP Networks to support media services,
Fixed connections + VPNs
+ MANTICORE managed
IP Networks
router
router
router
ConnectionAgreement
System
Site 1
router
Site 2
routerAuthorized User
29
Project Outcomes• MANTICORE Toolset (binaries + source code):
– MANTICORE Server– Web application for administrators and users
• Operational experience on providing IP Networks as a Service in NRENs• User experience and feedback on using the service in 3 different areas
(e-Health, Media, Grid) and evaluation of the commercial potential of the service (Telefónica I+D)
• Research and Experimentation results:– Clean energy powered e-Infrastructures, energy metering, impact of virtual
infrastructure relocation on the user experience.– Resource marketplaces as a mechanism for automatically negotiating and
allocating infrastructure resources.
• Results delivered by a mature consortium that has been working since 2007 to deploy operational IaaS network services.
• IP Network as a Service fully encompasses the vision of a Future Internet built on services and virtualization technologies.
• How it will be achieved:– HEAnet and NORDUnet will offer pre-operational services to virtual
research communities– 3 different research communities (e-Health in Denmark, Grid in Ireland
and media in the UK) will use the IP Network services and evaluate how they facilitate their research activities (in terms of flexibility, efficiency, budget savings, …)
– Telefonica I+D will carry out a study on the feasibility of using MANTICORE services in a commercial environment, from an operator’s point of view
– Collaboration with other projects and NRENs to bring MANTICORE services to the maximum number of users (letters of support from redIRIS, DANTE, SURFnet, JAnet, Sigmanet, OSAMI-commons, Clarin, IBBT)
30
Enable HEAnet and NORDUnet to provide IP Network Services to their customers through the MANTICORE tools, enhancing their service portfolio; thus providing virtual research communities with a useful service that can improve their research activities and optimize the efficiency of use of e-Infrastructures.
Objective 1: IP Network as a Service
• How it will be achieved:– Integration of MANTICORE II results with Argia and Ether
• Integration of all the engine drivers: The IaaS Framework engine module provides a model to manage and configure any device model of any vendor. This integration will allow the management and configuration of devices at layers 1, 2 and 3 of the OSI model.
• Integration of all web services: This integration will provide a unified remote interface to be able to access layer 1-3 based network services.
• Integration of all UI modules: Users and administrators will be able to request the integrated layer 1-3 services or manage them by using a single GUI.
– Software refinement based on requirements of the NRENs and user communities• The software will be customized to make sure it fulfils the needs of all the project
stakeholders
31
Refine and expand the MANTICORE services provided by means of integrating the results of the privately funded MANTICORE II project with the IaaS Framework based solutions for optical (Argia) and Ethernet/MPLS networks (Ether); thus being able to provide integrated services at levels 1-3 to the research community.
Objective 2: Integrated Layer 1-3 services
• How it will be achieved:– Study and simulation of the different mechanisms required to
implement the resource marketplace (resource publication, request submission and resource matchmaking and allocation mechanisms)
– Implementation of a marketplace prototype, and integration with the SA1 software.
– Deployment of the prototype, and use of it as a means for the user communities to discover and access HEAnet’s and NORDUnet’s resources.
32
Innovate in the business model used in services based on IaaS, establishing a marketplace where all Infrastructure Providers can publish their available resources with their usage conditions (SLA, price), and all customers can automatically negotiate the SLAs getting the best resource combination for their needs.
Objective 3: Marketplace for resource trading
33
The Green Star Network (GSN)Canadian consortium to research how to lower ICT CO2 emissions
• GSN project deliverables:– GSN: An open architecture ICT
service delivery network
– Sales of Carbon credits by relocation of service implementation within GSN
– Open source middleware that optimizes the use of ICT resource powered by renewable energy sources
– Use cases, white papers, and business resources for GSN dissemination, sustainability and growth
• How it will be achieved:– GSN uses virtualization technologies to allow the nodes in a network (both
hosts and network devices) to change its location based on renewable energy availability (hidro, solar, wind).
– MANTICORE and GSN will collaborate in a joint experimentation to identify and try to address the issues of having the nodes in the network powered by unreliable power sources.
– MANTICORE and GSN will use a joint infrastructure, with some nodes powered by renewable energy sources, to experiment with and validate the scenarios identified by both projects.
34
Use MANTICORE services to contribute to the research performed in the GreenStar Network (GSN) project to enable carbon-neutral infrastructures.
Objective 4: Carbon neutral e-infrastructures
• Target:– Evaluate the likehood of success of MANTICORE services in a
commercial environment and elaborate a business plan. • Activities:
1. Analyze market situation for IaaS services (commodities, prices, supply and demand, trends, revenue models, size …)
2. Identify:• Market actors:
– Stakeholders: e.g. network providers, infrastructure providers, vendors, …– Potential Users: e.g. academic communities, scientific corporations, distributed
business, …– Incoming actors: e.g. city councils, virtual operators, …
• MANTICORE services:– Direct: Router as a Service and IP Network as a Service.– Derivative: new customized and dynamic connectivity services.
• Competitors and Risks.
35
MANTICORE Commercial ExploitationTID Feasibility study of commercial MANTICORE services (I)
3. Analyze applicability in an operator’s ecosystem.• Suitability• Applicability • Feasibility
4. Elaborate business model based on:• Developed marketplace (JRA1) where all infrastructure providers can
announce available resources and all customers can automatically negotiate SLAs in order to get the best combination of resources.
– Short term business case: NRENs announce resources and conditions of usage to researchers
– Mid/long term: Porting MANTICORE tools and services to commercial plane, i.e., European ICT businesses.
• The study of deployment and operation of MANTICORE services (SA2)
36
MANTICORE Commercial ExploitationTID Feasibility study of commercial MANTICORE services (II)
Thank you for your attention
Questions?
MANTICORE II Teami2CAT: Sergi Figuerola, Pau Minoves,
Xavier Barrera, Carlos Baez, Laia Ferrao, Eduard Grasa
HEAnet: Victor Reijs, Dave WilsonNORDUnet: Lars Fischer, Per Nihlen,
Linus NordbergRedIRIS: Alberto Escolano, Tomás P.
de Miguel
University of Essex: Dimitra Simeonidou, Chinwe Abosi, Reza Nejabati
Telefonica I+D: Isidro Cabello, Cristina Peña, David Ortega
Juniper: Jean Marc UzéCisco: Klaas Wierenga, Chris Lonvick,
Steve Wolff